Chief Security Technology Officer
Bruce Schneier is an internationally renowned security technologist and author. Described by The Economist as a "security guru," he is best known as a refreshingly candid and lucid security critic and commentator. His first bestseller, Applied Cryptography, explained how the arcane science of secret codes actually works, and was described by Wired as "the book the National Security Agency wanted never to be published." He has since written the books Secrets and Lies, Beyond Fear and Schneier on Security. His most recent book, Liars and Outliers, is slated for release in February, 2012.
Founder and Analyst
Rich Mogull has 20 years of experience in information security, physical security, and risk management. He specializes in data security, application security, emerging security technologies, and security management. Prior to founding Securosis, Rich was a research vice president at Gartner Inc. on the security team, where he also served as research co-chair for the Gartner Security Summit. Prior to his seven years at Gartner, Rich worked as an independent consultant, Web application developer, software development manager at the University of Colorado, and systems and network administrator.
He is a frequent industry speaker at events including the RSA Security Conference and DefCon, and has spoken on every continent except Antarctica (where he's happy to speak for free—assuming travel is covered).
Chief Security Officer
Tenable Security, Inc.
Marcus Ranum is a world-renowned expert on security system design and implementation. Since the late 1980s, he has designed a number of ground-breaking security products including the DEC SEAL, the TIS firewall toolkit, the Gauntlet firewall, and NFR's Network Flight Recorder intrusion detection system. He has been involved in every level of operations of a security product business, from developer, to founder and CEO of NFR. Marcus has served as a consultant to many FORTUNE 500 firms and national governments, as well as serving as a guest lecturer and instructor at numerous high-tech conferences. In 2001, he was awarded the TISC "Clue" award for service to the security community, and also holds the ISSA lifetime achievement award. In 2005 he was awarded Security Professional of the Year by Techno Security Conference.
Trading Technology Manager
Volatility Arbitrage Fund, BlueCrest Capital Management
Prior to joining BlueCrest in late 2011, Richard was vice president of consulting at SystemExperts, where he led the compliance and security architecture practices. He has helped many organizations, from online retailers and application service providers to major manufacturers assess and improve their security and compliance programs. He has advised leading financial firms on overall security architecture, identity and access management, service-oriented architecture, enterprise wide authentication, regulatory compliance, and secure partner management.
Prior to joining SystemExperts, he was the director of collaborative development for The Open Group (the merger of the Open Software Foundation and X/Open) where he provided technical leadership for DCE from its inception through release 1.2.
Mackey has been a frequent speaker at conferences and a regular contributor to major publications on topics such as regulatory compliance, security standards, identity management, and service-oriented architecture security. Mackey has a B.S. and M.S. in electrical and computer engineering from the University of Massachusetts at Amherst.
Founder and Managing Director Senior Partner
Joel Snyder has built and secured some of the largest and highest profile messaging systems in the world for major ISPs, government agencies and Global 2000 companies. A member of the ISO and ITU committees for over a decade, Joel has authored several books and more than a hundred technical articles; designed compilers, data management applications, conferencing systems, VLSI layout applications and network software; and implemented information systems for clients as small as a two-person brokerage house and as large as NASA. A technical editor for Information Security magazine, he has written numerous feature articles and technical reviews on subjects including e-mail security, spam controls and security management systems.
Founder and Managing Director
Cobweb Applications Ltd.
Michael Cobb is a renowned security author with more than 15 years of experience in the IT industry and another 16 years of experience in finance. Cobweb Applications Ltd. is a consultancy that helps companies to secure their networks and websites, and also helps them achieve ISO 27001 certification. He co-authored the book IIS Security and has written numerous technical articles for leading IT publications. Michael is also a Microsoft Certified Database Administrator and a Microsoft Certified Professional.
IT Security Manager
University of Notre Dame
Mike Chapple previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Chapple is a frequent contributor to SearchSecurity.com, and serves as its resident expert on network security for its Ask the Experts panel. He is a technical editor for Information Security magazine and the author of several information security titles, including the CISSP Prep Guide and Information Security Illuminated.
Founder and Senior Security Consultant
InGuardians is a Washington, DC-based information security consulting firm. Ed’s expertise includes hacker attacks and defenses, the information security industry, and computer privacy issues. He has performed numerous security assessments, designed information security governance and operations teams for Fortune 500 companies, and responded to computer attacks for clients in financial, high technology, health care, and other industries. Ed conducted a demonstration of hacker techniques against financial institutions for the U.S. Senate and is a frequent speaker on issues associated with hacker tools and defenses. In addition to Counter Hack Reloaded, Ed is also the author of Malware: Fighting Malicious Code. He was also awarded 2004, 2005, and 2006 Microsoft MVP awards for Windows Server Security, and is an alumnus of the Honeynet Project. Previous to Intelguardians, Ed served as a security consultant with International Network Services (INS), Predictive Systems, Global Integrity, SAIC, and Bell Communications Research (Bellcore).
Owner and Principal Consultant
In addition to his work at Voodoo Security, SearchCloudSecurity.com contributor Dave Shackleford is senior vice president of research and CTO at IANS, and a SANS analyst, instructor and course author.
He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. He is a VMware vExpert and has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as CSO for Configuresoft, CTO for the Center for Internet Security, and as a security architect, analyst, and manager for several Fortune 500 companies. Dave is the co-author of Hands-On Information Security from Course Technology as well as the "Managing Incident Response" chapter in the Course Technology book Readings and Cases in the Management of Information Security. Recently, he co-authored the first published course on virtualization security for the SANS Institute. Dave serves on the board of directors at the SANS Technology Institute and helps lead the Atlanta chapter of the Cloud Security Alliance
Before joining the Amherst, N.H.-based consulting firm SecurityCurve, Diana Kelley formerly served as Vice President and Service Director for the Security and Risk Management Strategies (SRMS) service at Burton Group.
Diana was the Executive Security Advisor for CA’s eTrust Business Unit. At CA she was responsible for advising customers on strategic security solutions and helped guide CA’s security business. She served as the Vice President of Security Technology for Safe3W, Inc (acquired by iPass), a provider of strong, two factor authentication. Representing Safe3W she was actively involved in the Technical Group for NACHA’s Project Action. And she was a security industry Analyst with Baroudi Bloor, a top-tier analyst firm where she delivered strategic advice to, among others, IBM and Psionic (acquired by Cisco.)
Diana is an internationally recognized information security expert, speaker, strategic advisor, market analyst and writer. She has over 20 years of IT security experience including: risk management development, compliance advisement, project management, systems and network architecture development and hands-on implementation. In the course of her career she has delivered security advisory services to IBM, Microsoft, the US Government, Intel, Bank of America and Merrill Lynch, Shell, PKWARE, Symantec and Before joining the Amherst, N.H.-based consulting firm SecurityCurve, Diana Kelley formerly served as Vice President and Service Director for the Security and Risk Management Strategies (SRMS) service at Burton Group.
Eric Holmquist has more than 25 years experience in the financial services industry and is a frequent industry author and speaker. As the former vice president and director of operations risk management for Advanta Bank Corp., he was responsible for the development and oversight of the bank's operational risk management program and its information security strategy. In addition, Holmquist chaired the bank's MIS council, an oversight group that provides governance with regard to standards, methods and production of financial and operational reports and the management of enterprise data.
Gary McGraw is the CTO of Cigital, Inc., a software security consulting firm with headquarters in the Washington, D.C. area and offices throughout the world. He is a globally recognized authority on software security and the author of eight best selling books on this topic. His titles include Software Security, Exploiting Software, Building Secure Software, Java Security, Exploiting Online Games, and 6 other books; and he is editor of the Addison-Wesley Software Security series. Dr. McGraw has also written over 100 peer-reviewed scientific publications, authors a monthly security column for SearchSecurity and Information Security magazine, and is frequently quoted in the press. Besides serving as a strategic counselor for top business and IT executives, Gary is on the Advisory Boards of Dasient (acquired by Twitter), Fortify Software (acquired by HP), Invincea, and Raven White. His dual PhD is in cognitive science and computer science from Indiana University where he serves on the Dean¹s Advisory Council for the School of Informatics. Gary served on the IEEE Computer Society Board of Governors and produces the monthly Silver Bullet Security Podcast for IEEE Security & Privacy magazine (syndicated by SearchSecurity).